diff options
author | Tobias Geerinckx-Rice <me@tobias.gr> | 2021-01-06 00:39:48 +0100 |
---|---|---|
committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2021-01-06 00:58:43 +0100 |
commit | c23541112d09d7bdf8b6dc5fed6717560249fad0 (patch) | |
tree | b3548732d49bdcfeb2d8a354aad7df0bbdf9468d | |
parent | 0eacdd462e58845f48f1ff62d35a021ded8ab497 (diff) | |
download | guix-c23541112d09d7bdf8b6dc5fed6717560249fad0.tar.gz |
gnu: Add jitterentropy-rngd.
* gnu/packages/linux.scm (jitterentropy-rngd): New public variable.
-rw-r--r-- | gnu/packages/linux.scm | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index a8bb9db172..71f21aa687 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -7,7 +7,7 @@ ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com> ;;; Copyright © 2015, 2016, 2017, 2018, 2020 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org> -;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr> +;;; Copyright © 2016–2021 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2016, 2017 Alex Kost <alezost@gmail.com> ;;; Copyright © 2016 Raymond Nicholson <rain1@openmailbox.org> ;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org> @@ -2245,6 +2245,53 @@ IPv6 packet filter. Both commands are targeted at system administrators.") (license license:gpl2+))) +(define-public jitterentropy-rngd + (package + (name "jitterentropy-rngd") + (version "1.2.0") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/smuellerDD/jitterentropy-rngd") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 "1fb8zfwhwkl1d8n4cdn7rdv5rwd75qgc00d36pmkl7wgnj3c9xda")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; no test suite + #:make-flags + (list (string-append "CC=" ,(cc-for-target)) + (string-append "PREFIX=" (assoc-ref %outputs "out")) + "UNITDIR=$(PREFIX)/lib/systemd/system") + #:phases + (modify-phases %standard-phases + (delete 'configure)))) ; no ./configure script + (home-page "https://www.chronox.de/jent.html") + (synopsis "CPU jitter random number generator daemon") + (description + "This simple daemon feeds entropy from the CPU Jitter @acronym{RNG, random +number generator} core to the kernel Linux's entropy estimator. This prevents +the @file{/dev/random} device from blocking and should benefit users of the +preferred @file{/dev/urandom} and @code{getrandom()} interfaces too. + +The CPU Jitter RNG itself is part of the kernel and claims to provide good +entropy by collecting and magnifying differences in CPU execution time as +measured by the high-resolution timer built into modern CPUs. It requires no +additional hardware or external entropy source. + +The random bit stream generated by @command{jitterentropy-rngd} is not processed +by a cryptographically secure whitening function. Nonetheless, its authors +believe it to be a suitable source of cryptographically secure key material or +other cryptographically sensitive data. + +If you agree with them, start this daemon as early as possible to provide +properly seeded random numbers to services like SSH or those using TLS during +early boot when entropy may be low, especially in virtualised environments.") + (license (list license:bsd-3 ; or + license:gpl2+)))) + (define-public lsscsi (package (name "lsscsi") |